Privacy Policy

Last updated: May 11, 2026

LunaRabbit ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services, including:

• LunaRabbit Office — AI add-ins for Microsoft Office™ and Google Workspace™ (Google Sheets™, Microsoft Excel™, and planned: Google Docs™, Google Slides™, Microsoft PowerPoint™, Microsoft Word™).

Collectively referred to as the "Services."

1. Information We Collect

Account Information

When you create an account, we collect:

• Email address
• Password (stored in hashed form; we never store plaintext passwords).
• Display name

Usage Data

We automatically collect:

• Feature usage statistics (which tools and functions you use)
• Performance metrics (response times, error rates)
• Device and browser information
• IP address (for rate limiting and security)

Document Data

When our Services become available, we will access your active document content to provide context for AI responses. Specifically:

• Google Sheets™: The content of your active sheet (used range) will be sent to our servers for processing. Sheet names will also be sent for navigation context.
• Microsoft Excel™: The content of your active worksheet (used range), sheet names, and cell formatting data will be sent to our servers for processing. This applies to both Microsoft Excel™ desktop and Microsoft Excel™ Online.

We plan to expand to additional platforms (Google Docs™, Google Slides™, Microsoft PowerPoint™, Microsoft Word™) in the future. When these platforms become available, similar data access policies will apply, and this Privacy Policy will be updated accordingly.

We do not access data from other files, closed documents, or documents you are not actively working with. During a conversation, the AI may read additional content from your active document as needed to complete your request.

Document content sent for AI processing is used to generate a response. Image-upload caches and transient processing artifacts are deleted within 24 hours; custom function result caches are retained for up to 30 days as described in Section 6.

Conversation History (Cloud Storage)

Effective May 11, 2026: chat conversations are stored on LunaRabbit servers (cloud-only) for up to 365 days from creation, after which they are automatically deleted. This change replaces the previous "session-memory only" model and was made so you can resume conversations across devices and recover history if you switch browsers.

• What is stored: conversation messages (user prompts and AI responses), conversation metadata (title, timestamps), and tool-call records.
• Retention: 365 days from the conversation's creation date. Older conversations are automatically deleted by a daily garbage-collection job.
• Your rights: you can delete individual conversations or your entire history at any time via the in-app Settings menu (My Info → Privacy). Deletion is immediate and cascades to all related messages.
• Encryption: stored at rest in our PostgreSQL database with AWS RDS encryption (KMS-managed keys). Access is restricted to authenticated requests by you (the conversation owner).

Anonymized Pattern Use (Opt-in)

If you opt in via the Disclaimer modal at sign-up or the in-app Settings menu, we may retain a de-identified snapshot of each conversation turn for the following purposes:

• Retrieval Augmentation (current): snapshots are extracted, quality-scored, and stored as fewshot examples in our vector database (Qdrant). They are retrieved as similar-case context for other users' prompts to improve response quality.
• Future Fine-Tuning (planned): when LunaRabbit develops its own AI models or undertakes directed fine-tuning of third-party models, anonymized patterns may be used as training data for supervised fine-tuning. This forward-looking disclosure means a single opt-in covers both current and planned uses (no separate re-consent required when fine-tuning begins).

De-identification uses industry-standard techniques: named-entity recognition for personal names and organizations (Latin and CJK scripts), regex matching for emails, phone numbers, IP addresses, payment-card numbers, and government-issued identifiers. The retained data is associated only with an HMAC-derived session hash (never your user ID) and is intended to qualify as anonymous information under GDPR Recital 26. We acknowledge no de-identification process is perfect and continuously improve our techniques.

Both Free and Paid plans: opt-in is independent of your subscription tier. Default is opt-out (we collect nothing for AI improvement until you affirmatively enable it). You can withdraw consent at any time via Settings. Note that already-incorporated patterns in our fewshot database or fine-tuned models cannot be retroactively removed, but no new patterns will be extracted from your conversations after withdrawal.

Legal basis: GDPR Art. 6(1)(a) explicit consent + Art. 7(3) right to withdraw. Korean PIPA Art. 22 별도 동의 (separate consent) requirement satisfied via the dedicated checkbox.

Custom Function Inputs

When you use our custom AI functions (such as =LR.AI(), =LR.TRANSLATE(), =LR.WEB()), the prompt text and parameters you supply are stored as part of your usage history for analytics, billing accuracy, and abuse prevention. This information is associated with your account and is distinct from conversation content. You may export or delete this data at any time using the rights described in Section 8.

2. How We Use Your Information

We use your information to:

• Provide and improve our AI services
• Process your AI queries and return results
• Manage your account and billing
• Monitor service health and prevent abuse
• Communicate important service updates
• Enforce our Terms of Service

3. Third-Party Sub-Processors

To deliver our Services we share data with sub-processors under their commercial API or DPA terms. They fall into three categories:

• AI Model Processors — receive conversation text and document content for model inference (OpenAI, Anthropic, Google, Perplexity).
• Web Search and Fetch Processors — receive only search query strings or target URLs you reference (Serper.dev, Jina AI).
• Infrastructure Processors — host our backend and receive request metadata only (AWS, Cloudflare, Qdrant Cloud, Microsoft Azure AD).

The complete current list — including each sub-processor's purpose, region, and DPA URL — is published at lunarabbit.ai/subprocessors. We give at least 30 days' advance notice on that page before adding any new sub-processor that materially changes the categories of data we share.

Default behavior on commercial API tiers is no training on customer data — this is contractually guaranteed and not subject to opt-in toggles. If you opt in to anonymized pattern use (Section 1), de-identified snapshots may additionally be sent to AI model providers for engineering analysis and future fine-tuning of LunaRabbit's own models.

Engineering Analysis (Internal). Authorized LunaRabbit personnel may review individual conversations for the limited purpose of debugging regressions, improving prompt quality, or investigating user-submitted error reports. This is human review of stored data — it does not send data to AI model providers and does not update any model's weights. Access is SSO + IP-allowlist gated and logged for audit. The same policy applies to "Improvement / Error Report" attachments you opt-in to submit.

4. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our AI service providers operate. We rely on your consent and, where applicable, standard contractual clauses or other lawful transfer mechanisms to ensure adequate protection of your data. These jurisdictions may have different data protection laws than your country of residence.

5. Data Security

We implement industry-standard security measures:

• All data is transmitted over HTTPS (TLS 1.2/1.3). TLS is terminated at Cloudflare and the internal origin.
• Regular security audits and vulnerability assessments.
• Server access restricted to authorized LunaRabbit personnel. Production databases are accessed only through audited session pipelines.

6. Data Retention

• Account data: Retained until you delete your account.
• Conversation history (cloud-only since 2026-05-11): Stored on LunaRabbit servers for up to 365 days from creation, then automatically deleted. You can delete individual conversations or your entire history at any time via Settings (immediate, cascade-delete).
• Anonymized pattern data (opt-in only): If you have opted in, anonymized snapshots (with personal information removed) are retained for retrieval augmentation and future fine-tuning. Retention follows our internal data lifecycle policy; once incorporated into the fewshot database or fine-tuned models, individual patterns cannot be retroactively removed (see Section 1, "Anonymized Pattern Use").
• Sub-processor retention: OpenAI up to 30 days (abuse monitoring), Anthropic 7 days (default), Google varies. None of these providers use data for training under commercial API tiers.
• AI processing cache: Temporary data (images, context) is deleted within 24 hours. Custom function result caches are retained for up to 30 days to improve performance.
• Usage analytics: Retained in aggregated, anonymized form.
• Billing records (when paid plans are introduced): Retained as required by applicable law.

7. Cookies and Local Storage

Our Services use browser local storage and session storage to maintain your authentication state and preferences. We do not use third-party tracking cookies. Essential storage is required for the Services to function and cannot be disabled.

For full details on what we store and how to manage it, see our Cookie Policy.

8. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Delete your account and associated data
• Export a machine-readable copy of your personal data (GDPR Art. 20 — Data Portability). You can download your data directly from the Settings menu in the add-in, or by contacting us.
• Opt out of non-essential data processing (anonymized data collection: paid plans only — see Section 1, "Anonymized Data Collection")

To exercise any of these rights, contact us at [email protected]. For data export, you can also use the self-service "Download My Data" option in the add-in's menu, which provides a JSON file containing your profile, transaction history, and usage records.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell your personal information.

Our Services do not respond to "Do Not Track" (DNT) browser signals because there is no industry-accepted standard for DNT. However, we do not engage in cross-site tracking.

European Economic Area (EEA) and UK Residents (GDPR)

If you are located in the EEA or UK, the following additional provisions apply:

• Legal Basis for Processing (Art. 6): We process your personal data based on: (a) your consent (account registration, optional data sharing); (b) performance of a contract (providing our Services under these Terms); and (c) our legitimate interests (service improvement, security, fraud prevention), balanced against your rights.
• Data Controller: LunaRabbit Inc., a Delaware corporation, is the data controller for your personal data processed through our Services.
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority if you believe your data is being processed unlawfully.
• Automated Decision-Making: Our AI features process your data to generate responses. This processing is necessary for the performance of our contract with you. You may request human review of any AI-generated output by contacting us.
• International Transfers: When your data is transferred outside the EEA/UK, we rely on standard contractual clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms, to ensure adequate protection.

9. Google API Services User Data Policy

LunaRabbit's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only access Google user data necessary to provide the Services (active spreadsheet content for AI processing).
• We do not use Google user data for serving advertisements.
• We do not allow humans to read Google user data unless we have your affirmative agreement, it is necessary for security purposes, or it is required by law.
• We do not transfer Google user data to third parties except as necessary to provide the Services (AI model providers under their commercial API terms, which prohibit the use of customer data for model training), with your consent, for security purposes, or as required by law.

10. Children's Privacy

Our Services are not intended for children under the age of 13 (or the minimum age required by applicable law in your jurisdiction). We do not knowingly collect personal information from children under 13. By creating an account, you represent that you meet the minimum age requirement in your jurisdiction. If we learn that we have collected personal information from a child under the applicable minimum age, we will promptly delete that information.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users via email within 72 hours of becoming aware of the breach, as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending an email to your registered address. Your continued use of the Services after such changes constitutes acceptance of the updated policy.

13. Data Retention After Account Deletion

Upon account deletion, your personal identifiers (email, name, IP address) are removed immediately. Anonymized, aggregated usage data (such as feature usage counts, response time metrics) that was previously de-identified during your use of the Service is retained indefinitely for service improvement, consistent with Section 6. This data cannot be used to identify you.

14. AI-Generated Content Transparency

In anticipation of the EU AI Act transparency requirements (Art. 50, effective August 2026), all content generated by our AI services is proactively labeled as AI-generated within the user interface. When our AI agents produce text, formulas, code, or other outputs, a visible indicator is displayed alongside the response. This ensures you can always distinguish AI-generated content from human-authored content.

AI-generated outputs should be reviewed before use. We do not guarantee the accuracy, completeness, or fitness of AI-generated content for any particular purpose.

15. Payment Processing (Merchant of Record)

When paid plans are introduced, payments will be processed through a third-party payment processor that acts as our Merchant of Record (MoR). The identity of the processor is disclosed at checkout. Under that arrangement:

• Your card or other payment method is collected and processed by the MoR on its own hosted checkout. LunaRabbit never sees your full payment card details — we only receive a customer identifier and a transaction summary (amount, status, invoice link).
• The MoR handles multi-currency conversion, VAT / GST / US sales tax calculation, and invoice issuance on our behalf as the legal seller of record.
• The MoR's own privacy policy governs the processing of payment data; a link to that policy is provided at checkout.

16. Contact Us

If you have questions about this Privacy Policy, contact us at:

• Email: [email protected]
• Website: https://lunarabbit.ai
• Service: LunaRabbit Office, operated by LunaRabbit Inc.
• Data controller (entity): LunaRabbit Inc., a Delaware corporation
• Mailing address: LunaRabbit Inc., 131 Continental Drive, Suite 305, Newark, DE 19713, United States